Jay Heiser

A member of the Gartner Blog Network

Archives for August, 2012


Machine or hand stitched?

by Jay Heiser  |  August 29, 2012  |  Comments Off

Replacing a button on one of my customer-facing shirts this weekend motivated some thoughts on resiliency. Why did the button fall off in the first place?  It was sewn on by machine, a clever bit of automation that is based on interlocking threads from the top of the garment with threads from the bottom. It [...]

Category: risk management

Long Live Client Server

by Jay Heiser  |  August 13, 2012  |  2 Comments

Has anyone ever created a web-based application that wasn’t flaky and prone to data loss? Every time Facebook comes out with some new functionality, the entire service gets slower, and harder to use.  I’m not sure that there could be a more efficient way to lose text as it is entered than by trying to [...]

Category: Applications

Definition: Service Provider Security Evaluation

by Jay Heiser  |  August 10, 2012  |  2 Comments

The process in which the buyer asks a random list of questions that might have some minor relevance to some aspect of a provider’s security posture, and the potential provider pretends to answer them.

Category: Cloud risk management security

May the Farce Be With You: pretend-complex passwords

by Jay Heiser  |  August 8, 2012  |  Comments Off

I was recently forced to change my password on a UK pension system, and my first 4 password offerings were unacceptable. I was baffled as to what part of the password didn’t meet the requirements.  Today, I needed to log in and review a pay stub, had to reset my password, and the exact same thing [...]

Category: Cloud security

Recent Academic papers on how complexity increases risk

by Jay Heiser  |  August 7, 2012  |  Comments Off

The financial sector links otherwise weakly coupled economic sectors, particularly during economic declines. Such links increase economic risk and the extent of cascading failures. Our results suggest that firewalls between financial services for different sectors would reduce systemic risk without hampering economic growth. From “Networks of Economic Market Interdependence and Systemic Risk”, by Dion Harmon, [...]

Category: risk management

Why today’s stock market is inherently unreliable

by Jay Heiser  |  August 3, 2012  |  Comments Off

If you wanted to sabotage a trading system, you might set out to design suicide mechanisms that look very much like today’s automated trading mechanisms.  Blaming Knight Capital’s screwed pooch on ‘software bug’ is a simplistic and flawed starting point for understanding the bigger risk picture. Automated mechanisms within trading systems act as positive feedback [...]

Category: Policy risk management Strategic Planning

Passwords are dead; long live the password

by Jay Heiser  |  August 1, 2012  |  1 Comment

I spent a frustrating 5 minutes this weekend enduring a forced password change on a retirement account containing $400. I was sure that the randomly generated and completely unmemorizable string my password utility came up with exceeded 7 characters, contained upper and lower case letters, at least 1 number, and a special character. It finally [...]

Category: security